Category: securityweek

Google releases OSV-SCALIBR, an open source library for software composition analysis and file system scanning. The post Google Releases Open Source Library for Software Composition Analysis appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

The US Treasury has sanctioned two individuals and four entities involved in the North Korean fake IT worker scheme. The post US Announces Sanctions Against North Korean Fake IT Worker Network appeared first on SecurityWeek. This article has been indexed…

Read more →

Industry professionals comment on the Biden administration’s new executive order on cybersecurity.  The post Industry Reactions to Biden’s Cybersecurity Executive Order: Feedback Friday appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Industry Reactions…

Read more →

Three vulnerabilities in SimpleHelp could allow attackers to compromise the remote access software’s server and the client machine. The post Vulnerabilities in SimpleHelp Remote Access Software May Lead to System Compromise appeared first on SecurityWeek. This article has been indexed…

Read more →

Cisco has unveiled AI Defense, a solution designed to help organizations protect development and use of AI applications.  The post Cisco Unveils New AI Application Security Solution appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Microsoft researchers catches Russia’s Star Blizzard hackers spear-phishing with QR codes and WhatsApp group chats. The post Russian Cyberspies Caught Spear-Phishing with QR Codes, WhatsApp Groups appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

New research shows that over 4 million systems on the internet, including VPN servers and home routers, are vulnerable to attacks due to tunneling protocol flaws. The post Millions of Internet Hosts Vulnerable to Attacks Due to Tunneling Protocol Flaws…

Read more →

Authentication solutions provider Wultra has raised €3 million (~$3.1 million) for its post-quantum technology. The post Wultra Raises €3 Million for Post-Quantum Authentication appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Wultra Raises…

Read more →

North Korea-linked Lazarus Group is targeting freelance software developers to compromise the supply chain. The post North Korean Hackers Targeting Freelance Software Developers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: North Korean…

Read more →

Both human and machine identities occupy a unique position: they are simultaneously the foundation of cybersecurity and its weakest link. The post Cyber Insights 2025: Identities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

Hackers have leaked 15,000 Fortinet firewall configurations, which were apparently obtained as a result of exploitation of CVE-2022–40684. The post Data From 15,000 Fortinet Firewalls Leaked by Hackers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

In 2024 organizations informed the US government about 585 healthcare data breaches affecting a total of nearly 180 million user records. The post 2024 US Healthcare Data Breaches: 585 Incidents, 180 Million Compromised User Records appeared first on SecurityWeek. This…

Read more →

Jen Easterly hopes CISA is allowed to continue its election-related work under new leadership despite “contentiousness” around that part of its mission. The post Head of US Cybersecurity Agency Says She Hopes It Keeps up Election Work Under Trump appeared…

Read more →

Explore industry moves and significant changes in the industry for the week of January 13, 2025. Stay updated with the latest industry trends and shifts. This article has been indexed from SecurityWeek Read the original article: Industry Moves for the…

Read more →

Law enforcement turns the PlugX malware’s own self-delete mechanism against it, nuking the China-linked trojan from thousands of US machines. The post FBI Uses Malware’s Own ‘Self-Delete’ Trick to Erase Chinese PlugX From US Computers appeared first on SecurityWeek. This…

Read more →

With DORA’s January 2025 compliance deadline approaching, financial institutions must embrace rigorous testing, tailored threat profiles, and continuous vigilance to safeguard against cyber threats. The post DORA’s Deadline Looms: Navigating the EU’s Mandate for Threat Led Penetration Testing appeared first…

Read more →

Open source software (OSS) is a prime target for supply chain cyberattacks and protecting it remains a major challenge. The post Cyber Insights 2025: Open Source and Software Supply Chain Security appeared first on SecurityWeek. This article has been indexed…

Read more →

A vulnerability in Google’s OAuth implementation allows takeover of old employee accounts when domain ownership changes. The post Google OAuth Flaw Leads to Account Takeover When Domain Ownership Changes appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

Google has released Chrome 132 with fixes for 16 vulnerabilities, including multiple high-severity security defects. The post Chrome 132 Patches 16 Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Chrome 132 Patches…

Read more →

Nvidia, Zoom, and Zyxel have released patches for multiple high-severity vulnerabilities across their products. The post Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Nvidia, Zoom, Zyxel…

Read more →